DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

People Inc. reports data security breach involving clients’ personal info

Posted on May 30, 2019 by Dissent

Harold McNeil reports:

People Inc. said it was the target of a data security breach that involved protected health information of some of its current and former clients.

People Inc. learned that two employees’ email accounts were breached and their emails contained personal information about clients, including names, addresses, Social Security numbers, financial account information, medical information, health insurance information and driver’s license or other government identification numbers.

Read more on Buffalo News.  Another source reports that it is nearly 1,000 affected.


The following notice was posted on their web site:

May 29, 2019 – People Inc. has learned of a data security incident that involved protected health information belonging to certain current and former clients.  On May 29, 2019, People Inc.  notified potentially impacted individuals and provided resources to assist them.

On February 19, 2019, People Inc. discovered that an unknown individual had gained access to an email account belonging to a People Inc. employee.  Upon learning this information, People Inc. immediately reset the password required to access the impacted account.  People Inc. also engaged an independent forensics firm to determine what happened and whether personal information was accessed or acquired without authorization as a result of this incident.  Through this investigation, People Inc. learned that an email account belonging to a second employee may have been impacted as well.  That account is no longer operational.  On April 11, 2019, as a result of this investigation, People Inc. learned that the two email accounts contained personal information belonging to some current and former clients.  This personal information may have included names, addresses, Social Security numbers, financial account information, medical information, health insurance information, and/or driver’s license or other government identification numbers.

People Inc. takes the security of all information very seriously.  People Inc. has no evidence indicating that any information aside from the information contained within the two employee email accounts was impacted in connection with this incident.  In addition, People Inc. has no evidence that any of the information potentially involved in this incident has been misused.  People Inc. has reported this matter to the FBI and will cooperate as necessary to hold the perpetrators accountable.

Notification letters were sent to all potentially impacted individuals on May 29, 2019.  The letters include information about this incident and about steps that potentially impacted individuals can take to monitor and help protect their personal information.  People Inc. has established a toll-free call center to answer questions about the incident and to address related concerns.  The call center can be reached at 855-579-3669.  In addition, as a precaution, People Inc. is offering complimentary identity protection services through Experian to potentially impacted individuals.  To determine if you qualify for this service, you must obtain verification through the call center.  If you have been impacted, information on how to enroll for this service will be made available to you.

The privacy and protection of private information is a top priority for People Inc.  People Inc. deeply regrets any inconvenience or concern this incident may cause.

The following information is provided to help individuals wanting more information about  steps that they can take to protect themselves:

What steps can I take to protect my private information?

  • If you detect suspicious activity on any of your accounts, you should promptly notify the financial institution or company with which the account is maintained. You should also report any fraudulent activity or any suspected incidents of identity theft to law enforcement.
  • You may obtain a copy of your credit report at no cost from each of the three nationwide credit reporting agencies.  To do so, visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three agencies appears at the bottom of this page.
  • Notify your financial institution immediately of any unauthorized transactions made, or new accounts opened, in your name.
  • You can take steps recommended by the Federal Trade Commission to protect yourself from identify theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.

What should I do to protect myself from payment card/credit card fraud?

We suggest that you review your debit and credit card statements carefully in order to identify any unusual activity.  If you see anything that you do not understand or that looks suspicious, you should contact the issuer of the debit or credit card immediately.

How do I obtain a copy of my credit report?

You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies once every twelve (12) months.  To do so, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three agencies is included in the notification letter and is also listed at the bottom of this page.

How do I put a fraud alert on my account?

You may consider placing a fraud alert on your credit report. This fraud alert informs creditors of possible fraudulent activity within your report and requests that creditors contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is listed below.

Contact information for the three nationwide credit reporting agencies is as follows:
Equifax Security Freeze
PO Box 105788
Atlanta, GA 30348
1-800-685-1111
www.equifax.com

Experian Security Freeze
PO Box 9554
Allen, TX 75013
1-888-397-3742
www.experian.com

TransUnion (FVAD)
PO Box 2000
Chester, PA 19022
1-800-888-4213
www.transunion.com 

Category: Health DataMiscellaneousU.S.

Post navigation

← Checkers Drive-In Restaurants, Inc. Notifies Checkers and Rally Guests About Data Security Issue
Tennessee, 15 Other States Reach $900,000 Data Breach Settlement With Medical Informatics Engineering →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.